|
255451
|
6.1 |
MEDIUM
Network
|
phreesoft
|
phreebookserp
|
An issue was discovered in PhreeBooksERP before 2017-02-13. The vulnerability exists due to insufficient filtration of user-supplied data in the "form" HTTP GET parameter passed to the "PhreeBooksERP…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5990
|
2024-11-21 12:28 |
2017-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255452
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of servi…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-5972
|
2024-11-21 12:28 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255453
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted sy…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5970
|
2024-11-21 12:28 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255454
|
4.0 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by r…
|
CWE-200
Information Exposure
|
CVE-2017-5967
|
2024-11-21 12:28 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255455
|
6.1 |
MEDIUM
Network
|
openenergymonitor
|
emoncms
|
An issue was discovered in Emoncms through 9.8.0. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "emoncms-master/Modules/v…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5964
|
2024-11-21 12:28 |
2017-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255456
|
6.1 |
MEDIUM
Network
|
caddy_project
|
caddy
|
An issue was discovered in caddy (for TYPO3) before 7.2.10. The vulnerability exists due to insufficient filtration of user-supplied data in the "paymillToken" HTTP POST parameter passed to the "cadd…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5963
|
2024-11-21 12:28 |
2017-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255457
|
6.1 |
MEDIUM
Network
|
netresearch
|
contexts_wurfl
|
An issue was discovered in contexts_wurfl (for TYPO3) before 0.4.2. The vulnerability exists due to insufficient filtration of user-supplied data in the "force_ua" HTTP GET parameter passed to the "/…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5962
|
2024-11-21 12:28 |
2017-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255458
|
6.1 |
MEDIUM
Network
|
ionizecms
|
ionize
|
An issue was discovered in ionize through 1.0.8. The vulnerability exists due to insufficient filtration of user-supplied data in the "path" HTTP GET parameter passed to the "ionize-master/themes/adm…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5961
|
2024-11-21 12:28 |
2017-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255459
|
6.1 |
MEDIUM
Network
|
phalconeye_project
|
phalconeye
|
An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/pu…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5960
|
2024-11-21 12:28 |
2017-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255460
|
9.8 |
CRITICAL
Network
|
serialize-to-js_project
|
serialize-to-js
|
An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize() function can be exploited to achieve arbitrary code execution by passing a JavaS…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-5954
|
2024-11-21 12:28 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
